[00:02] depends on the protocol [00:02] * mhall119 assumes you're talking network printing [00:24] itnet7: ping [00:43] evening fellas [15:08] RoAkSoAx: pong [15:14] itnet7: pm [15:14] morning itnet7 [15:14] and RoAkSoAx [15:21] morning [15:27] morning mhall119 :) [15:28] hey there mhall119 ! [15:33] Morning everyone [15:35] Morning reya276 ! [15:35] Hope things get better today, read you FB post [15:36] LOL, yeah me too man [15:36] read you/read your/s/ [15:36] feel like total junk today [15:36] Sorry to hear that [15:37] itnet7, do you know of a good guide to setup an ssh/SFTP for clients to connect to a Ubuntu server and Download/Upload files to [15:38] reya276: I think there are some really good Server Community Documents that are pretty straightforward, let me see if I can find some links [15:40] ah cool, thanks. I'm actually looking in there now but I don't see anything like what I want to do. I know that at some point when I was a total newbie with Ubuntu I saw something where you could sertup OpenSSH with Mysql and use to allow clients to connect [15:46] reya276: sudo apt-get install ssh [15:46] Then any user on that machine can connect remotely. ssh user@host [15:46] oh yeah I got OpenSSH install already, but I need to know how to add multiple users kind a like a an SFTP [15:47] without having to create system accounts [15:47] The same way you add any other user to your ubuntu machine [15:47] You could create a guest account, and then ask for ssh keys. [15:47] right but then that would create multiple accounts on the server [15:47] But that would bypass any sort of seperation of users. [15:47] I know there is a way to do it with mySQL [15:47] Assuming that seperation of users is desirable. [15:48] ssh, at its core, allows users of a Unix machine to connect remotely. I don't think there's any way for someone to connect to a machine over ssh without a user account. Then again, ssh is pretty powerful and I don't even begin to know all of its uses. [15:49] what I have also is that while a user is logged on to the server they can see other users home dir [15:49] and see their files and folders [15:50] oh wait can I create a group called external users and then make them part of that group then can I allow them to only see their files/folders [15:54] reya276: ssh requires a shell program, but I seem to recall that there is a special one that can be used to only allow SFTP, without being able to browse other people's stuff [15:55] reya276: check out http://www.pizzashack.org/rssh/ it might do what you want [15:55] yeah is called mySecureShell but the connection on that is way slow [15:56] oh this is something new, thanks [16:00] ok is there a way to create users so that they can only see their user files/folders but no other users? [16:00] I believe that SFTP is its own protocol that doesn't necessarily have anything to do with FTP or SSH. IIRC, SFTP is a means of transfering files over a secure connection, but it is not FTP over SSH. [16:00] Though, I could be wrong. [16:00] reya276: yeah, chroot jails, it mentions them in the FAQ of that program [16:01] maxolasersquad: SFTP is tied to SSH, but different from FTP [16:01] mhall119: Thanks. [16:01] you are corrent that it is not FTP over SSH, it is a different protocol, but it does run over SSH [16:01] FTPS (confusingly enough) _is_ the FTP protocol over SSL [16:01] yeah but that app says there are pontential security risk and I'm not that good at configuring things [16:02] the default ssh setup right now is secure tight and all I really need to is to not let users see each others files/folders [16:03] ssh conn is fine for them to use as they will be using WinSCP to connect or any other SSH client they can configure [16:04] we have a similar setup but is tied to our Ubuntu email server and that server is slow as hell due to it being so old [16:04] it's a Dell 2650 === jussi01_ is now known as jussi [17:39] Ah I figured it out, if you set the permissions to sudo chmod -R 700 /home/ it will only allow that particular user to see his files and folders no one else will be able to see them. [17:41] and then on the SSH Server for maximum security you set the Allow Root login to NO and then create a group for the users whom will be connecting, make them part of that group and then on the... [17:42] SSH server you "Allow all Users from X group" to connect as well as "Allow individual X user" to connect and there yah got a nice and tight SSH with no slowdown [17:42] as long as those SSH keys hold one should be OK [17:43] Also it is best to have a Hardware Firewall not a software one, or if you can have both would be even better [17:48] reya276: IMHO software firewalls are just for outbound protection. Inbound should be done with a hardware solution. [17:49] And a NAT solution will take care of most of your inbound needs. [17:49] exactly [17:49] which is why I suggested both [17:50] but Hardware one is just fine too [17:50] as long as it is a good one' [17:51] I only roll with a hardware firewall. I'm not too concerned with outbound security. [17:51] Which is just a personal preference. [17:51] And make sure you let that bad boy do the One-To-One NAT conns and straight [17:54] oh hey this http://www.youtube.com/watch?v=cLDLAXRetWU&feature=player_embedded is pretty cool I had no Idea you could make AWN your default Panel for GNome, I guess you could do the same with Docky === locobot_4_2 is now known as locobot_4 [20:01] i'm a doctor not a physicist [20:38] Any fellow Palm Beach area Penguins? === Epidemic_ is now known as Epidemic [20:41] i'm in martin county [20:41] does that count? [20:49] Think I was just up that way a couple days ago working at the fpl plant [20:51] It's a little north but I guess I could say it semi counts [20:53] anyone in here active in the pbclug? [20:53] I was just at improv last night to see Gabriel Iglesias [20:54] Thats one funny Mexican :p [20:55] it was an awesome show [20:55] I bet [20:56] Was working on a friends wifi .. last night .. ~500ft between the house and guest house .. [20:56] setup my cantennas to prove to him that it's really not that long of a distance for the right setup [20:58] then we proceeded to mount and aim a pair of unused satellite dishes at each other .. that was impressive .. overkill a little but cool to do [21:33] bbl [21:41] itnet7: ping